0337d704 |
1 | <?php |
2 | /*************************************************************************** |
3 | * Copyright (C) 2003-2004 Polytechnique.org * |
4 | * http://opensource.polytechnique.org/ * |
5 | * * |
6 | * This program is free software; you can redistribute it and/or modify * |
7 | * it under the terms of the GNU General Public License as published by * |
8 | * the Free Software Foundation; either version 2 of the License, or * |
9 | * (at your option) any later version. * |
10 | * * |
11 | * This program is distributed in the hope that it will be useful, * |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * |
14 | * GNU General Public License for more details. * |
15 | * * |
16 | * You should have received a copy of the GNU General Public License * |
17 | * along with this program; if not, write to the Free Software * |
18 | * Foundation, Inc., * |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * |
20 | ***************************************************************************/ |
21 | |
22 | require_once("xorg.inc.php"); |
23 | new_admin_page('admin/utilisateurs.tpl'); |
d9a33f98 |
24 | $page->assign('xorg_title','Polytechnique.org - Administration - Edit/Su/Log'); |
0337d704 |
25 | require_once("emails.inc.php"); |
26 | require_once("user.func.inc.php"); |
27 | |
28 | if (Session::has('suid')) { |
29 | $page->kill("déjà en SUID !!!"); |
30 | } |
31 | |
32 | if (Env::has('user_id')) { |
33 | $login = get_user_login(Env::getInt('user_id')); |
34 | } elseif (Env::has('login')) { |
35 | $login = get_user_login(Env::get('login')); |
36 | } else { |
37 | $login = false; |
38 | } |
39 | |
40 | if(Env::has('logs_button') && $login) { |
41 | header("Location: logger.php?loguser=$login&year=".date('Y')."&month=".date('m')); |
42 | } |
43 | |
44 | if (Env::has('ax_button') && $login) { |
45 | header("Location: synchro_ax.php?user=$login"); |
46 | } |
47 | |
48 | if(Env::has('suid_button') && $login) { |
49 | $_SESSION['log']->log("suid_start", "login by ".Session::get('forlife')); |
50 | $_SESSION['suid'] = $_SESSION; |
51 | $r = $globals->xdb->query("SELECT id FROM aliases WHERE alias={?}", $login); |
52 | if($uid = $r->fetchOneCell()) { |
53 | start_connexion($uid,true); |
54 | header("Location: ../"); |
55 | } |
56 | } |
57 | |
58 | if ($login) { |
59 | $r = $globals->xdb->query("SELECT *, a.alias AS forlife |
60 | FROM auth_user_md5 AS u |
61 | INNER JOIN aliases AS a ON ( a.id = u.user_id AND a.alias={?} AND type!='homonyme' )", $login); |
62 | $mr = $r->fetchOneAssoc(); |
63 | |
64 | $redirect = new Redirect($mr['user_id']); |
65 | |
66 | // Check if there was a submission |
67 | foreach($_POST as $key => $val) { |
68 | switch ($key) { |
69 | case "add_fwd": |
70 | $email = trim(Env::get('email')); |
71 | if (!isvalid_email_redirection($email)) { |
72 | $page->trig("invalid email $email"); |
73 | } else { |
74 | $redirect->add_email($email); |
75 | $page->trig("Ajout de $email effectué"); |
76 | } |
77 | break; |
78 | |
79 | case "del_fwd": |
80 | if (!empty($val)) { |
81 | $redirect->delete_email($val); |
82 | } |
83 | break; |
84 | |
85 | case "del_alias": |
86 | if (!empty($val)) { |
87 | $globals->xdb->execute("DELETE FROM aliases WHERE id={?} AND alias={?} |
88 | AND type!='a_vie' AND type!='homonyme'", $mr['user_id'], $val); |
89 | fix_bestalias($nr['user_id']); |
90 | $page->trig($val." a été supprimé"); |
91 | } |
92 | break; |
93 | |
94 | case "add_alias": |
95 | $globals->xdb->execute("INSERT INTO aliases (id,alias,type) VALUES ({?}, {?}, 'alias')", |
96 | $mr['user_id'], Env::get('email')); |
97 | break; |
98 | |
99 | case "best": |
100 | // 'bestalias' is the first bit of the set : 1 |
101 | // 255 is the max for flags (8 sets max) |
102 | $globals->xdb->execute("UPDATE aliases SET flags= flags & (255 - 1) WHERE id={?}", $mr['user_id']); |
103 | $globals->xdb->execute("UPDATE aliases |
104 | SET flags= flags | 1 |
105 | WHERE id={?} AND alias={?}", $mr['user_id'], $val); |
106 | break; |
107 | |
108 | |
109 | // Editer un profil |
110 | case "u_edit": |
111 | $pass_md5B = Env::get('newpass_clair') != "********" ? md5(Env::get('newpass_clair')) : Env::get('passw'); |
112 | $naiss = Env::get('naissanceN'); |
113 | $perms = Env::get('permsN'); |
114 | $prenm = Env::get('prenomN'); |
115 | $nom = Env::get('nomN'); |
116 | $promo = Env::getInt('promoN'); |
117 | $nom = Env::get('nomN'); |
118 | $comm = Env::get('commentN'); |
119 | |
120 | $query = "UPDATE auth_user_md5 SET |
121 | naissance = '$naiss', |
122 | password = '$pass_md5B', |
123 | perms = '$perms', |
124 | prenom = '".addslashes($prenm)."', |
125 | nom = '".addslashes($nom)."', |
126 | promo = $promo, |
127 | comment = '".addslashes($comm)."' |
128 | WHERE user_id = '{$mr['user_id']}'"; |
129 | if ($globals->xdb->execute($query)) { |
130 | user_reindex($mr['user_id']); |
131 | |
132 | require_once("diogenes/diogenes.hermes.inc.php"); |
133 | $mailer = new HermesMailer(); |
134 | $mailer->setFrom("webmaster@polytechnique.org"); |
135 | $mailer->addTo("web@polytechnique.org"); |
136 | $mailer->setSubject("INTERVENTION ADMIN (".Session::get('forlife').")"); |
137 | $mailer->setTxtBody(preg_replace("/[ \t]+/", ' ', $query)); |
138 | $mailer->send(); |
139 | |
140 | $page->trig("updaté correctement."); |
141 | } |
142 | if (Env::get('nomusageN') != $mr['nom_usage']) { |
143 | require_once('nomusage.inc.php'); |
144 | set_new_usage($mr['user_id'], Env::get('nomusageN'), make_username(Env::get('prenomN'), Env::get('nomusageN'))); |
145 | } |
146 | $r = $globals->xdb->query("SELECT *, a.alias AS forlife |
147 | FROM auth_user_md5 AS u |
148 | INNER JOIN aliases AS a ON (u.user_id=a.id) |
149 | WHERE user_id = {?}", $mr['user_id']); |
150 | $mr = $r->fetchOneAssoc(); |
151 | break; |
152 | |
153 | // DELETE FROM auth_user_md5 |
154 | case "u_kill": |
155 | user_clear_all_subs($mr['user_id']); |
156 | $page->trig("'{$mr['user_id']}' a été désinscrit !"); |
157 | require_once("diogenes/diogenes.hermes.inc.php"); |
158 | $mailer = new HermesMailer(); |
159 | $mailer->setFrom("webmaster@polytechnique.org"); |
160 | $mailer->addTo("web@polytechnique.org"); |
161 | $mailer->setSubject("INTERVENTION ADMIN (".Session::get('forlife').")"); |
162 | $mailer->setTxtBody("\nUtilisateur $login effacé"); |
163 | $mailer->send(); |
164 | break; |
165 | } |
166 | } |
167 | |
168 | $res = $globals->xdb->query("SELECT UNIX_TIMESTAMP(start), host |
169 | FROM logger.sessions |
170 | WHERE uid={?} AND suid=0 |
171 | ORDER BY start DESC |
172 | LIMIT 1", $mr['user_id']); |
173 | list($lastlogin,$host) = $res->fetchOneRow(); |
174 | $page->assign('lastlogin', $lastlogin); |
175 | $page->assign('host', $host); |
176 | |
177 | $page->assign('aliases', $globals->xdb->iterator( |
178 | "SELECT alias, type='a_vie' AS for_life,FIND_IN_SET('bestalias',flags) AS best,expire |
179 | FROM aliases |
180 | WHERE id = {?} AND type!='homonyme' |
181 | ORDER BY type!= 'a_vie'", $mr["user_id"])); |
182 | $page->assign('xorgmails', $xorgmails); |
183 | $page->assign('email_panne', $email_panne); |
184 | $page->assign('emails',$redirect->emails); |
185 | |
186 | $page->assign('mr',$mr); |
187 | } |
188 | |
189 | $page->run(); |
190 | |
191 | // vim:set et sws=4 sts=4 sw=4: |
192 | ?> |